6 Network Protocol Analyzers

Do you know what's passing over the wire? These products can tell you.

EtherPeek contains many windows of data for each captured trace. You can display more than 90 different windows, summaries, and statistics and view the data from numerous angles. You perform most changes with one mouse click. Another unique feature of EtherPeek that I wish other products had is the ability to quickly filter out traffic you don't want to see in the display. I found this feature constantly useful, especially when trying to quickly filter out remote-monitoring traffic to concentrate on the real traffic problems.

EtherPeek

WildPackets - 925-937-3200 or 800-466-2447 www.wildpackets.com

PRICE: Starts at $3495; includes 1 year of standard support
DECISION SUMMARY
PROS:
Best GUI
Good expert-analysis mode
Many windows and reports with one click
CONS:
Some false-positive analysis errors
Separate products have separate platform support

Making a Choice
Rarely has a field been so full of worthy competitors as that of network protocol analyzers. Even the low-end open-source alternative, Ethereal, is feature-rich. You'd have a hard time going wrong by choosing any of these products. In a large,
distributed environment, Network Instruments' Observer appears to have the edge. Network Associate's Netasyst Network Analyzer has the best expert analysis, accurate decodes, and downloadable malware filters. Fluke Networks' OptiView Protocol Expert and WildPackets' EtherPeek are also solid choices for small-to-midsized networks and provide plenty of analysis features. LanHound is a solid protocol analyzer for the money but has stiff competition. My advice is to choose a product that has the feature set you're looking for in the price range your budget dictates.

End of Article

Previous 1 2 3 4 5 [6] Next

Another good low cost product for the budget minded admin is LinkFerret from Baseband technologies. According to their website, they write most of the code for the other analyzer vendors.

Randall Ader July 06, 2004

Another good sniffer is LanRaptor from www.shakti-software.com.

You can define your own protocols, so if they dont provide support, you can still fully decode any protocol that is important to you.

Anonymous User October 08, 2004 (Article Rating:

)

One thing not touched on in the article is the major difference between a software and a hardware analyzer. Only good packets can be seen by a software analyzer. If the packet cannot make it up to the top layer of the OSI 7 Layer model, you won't see it. Also the quality of the network driver is important. Some LAN cards and drivers won't work or work properly in a promiscuous mode.

Anonymous User November 23, 2004 (Article Rating:

)

Check our Greenleaf ViewComm System, excellent async and ethernet protocol analyzers - www.sysfire.com

Anonymous User January 04, 2005 (Article Rating:

)

This article is worthless

Anonymous User February 14, 2005 (Article Rating:

)

Good overview of some of the more popular protocol analyzers and their features. A matrix with comparison criteria and ratings would have been helpful. The posting made by the Anonymous user from Feb 14th, 2005 is worthless, not this article.

Anonymous User March 23, 2005 (Article Rating:

)

good passage!

haiwanxue March 10, 2006 (Article Rating:

)

You must log on before posting a comment.

If you don't have a username & password, please register now.